Senior International IT & Cyber Risk Management (Ascend Money)

FINTECH
location_on Bangkok

About the role

We are looking for candidates who must have significant knowledge of Information Risk Management (IRM) methods and techniques and Cybercrime developments and who can facilitate in identification and development of new IT security initiatives, policies and processes to mitigate threats or emerging risks.

Description

  • Providing effective 2nd line of defense on oversight of Technology related risk involving in assessing, in depth, the risks in IT Infrastructure, Cloud strategy, Data Management, IT Outsourcing, IT Operations, and Big Data.
  • Assisting to update Ascend Money/True Money’s risk appetite for approval by the board.
  • Facilitating Risk and Control Self-Assessment (R&CSA) and monitoring the design and testing the operational effectiveness under Key Control Testing (KCT) and incident management of IT controls, BCP & IT-DRP and processes.
  • Coordinating and supporting the Country Risk Management team for facilitating Risk and Control Self-Assessment (R&CSA), performing Key Control Testing (KCT), setting and reviewing Key Risk Indicators (KRIs) and Incident Management.
  • Challenge business units in implementing a secured architecture aligned with the business goals and future plans, including company policy and regulatory requirements.
  •  Analysing IT incidents reported by staff and report lessons learned to the Head of International Risk and Fraud Management and the Committee.
  • Delivering the oversight, advisory and guidance on new technology risk and emerging risk.
  • Investigation, root-cause analysis, and coordination with relevant parties for data loss prevention monitoring and management.
  • Assisting the Head of International Risk and Fraud Management to bring together a holistic picture of the technology risk across the company.
  • Tracking progress status with the Country Risk Management team around remediation activities to close gaps from policy compliance assessments and various other risk assessments.
  • Providing IT & Cyber Risk dashboard for Committee and Senior Management.
  • Ad-hoc assignment.

Qualifications

  • Bachelor’s or Master’s Degree in Economic, Finance, IT or related fields.
  • Minimum 3 years of professional experience in the IT Risk Management, IT Security or IT Audit with relevant experience in the Financial Services Industry.
  • Strong organization, good presentation, communication, writing, interpersonal and teamwork skills.
  • Demonstrated ability to complete assigned projects in a timely manner and in a fast-paced, high pressure environment.
  • Multiple industry recognized certifications like CISSP, CRISC, CSSP (Cloud), CPT, ISO27001 is a plus.
  • Strong analytical and quantitative skills.
  • Thorough knowledge of IT governance and control frameworks.
  • Understanding of complex IT environments including legacy, hybrid cloud, virtualization, software defined networking is a plus.
  • Good command in both oral and written in English communication.
  • Able to travel in regional countries (i.e. Myanmar, Vietnam, Cambodia, Indonesia, Malaysia, the Philippines).